Security Culture

The ideas, customs, and social behavior of a particular people or society
that allows them to be free from danger or threats.

My organization?

by  on 

My organization, what do they know about security that may help me? You may ask when first learning about the Security Culture Framework in the organization module. As the expert at information security you are sure about that you have all the skills needed to educate your organization in how they shall adapt to the security rules that you have…

Read more →

An ordinary data breach

by  on 

  Recently I received an email from a nursing home. It was not meant for me, and it was full of confidential information. How did that happen? I am the owner of the domain merwe.nl and so I receive any mail addressed to email addresses ending with @merwe.nl. The nursing home has admitted a patient Van de Merwe and they…

Read more →

Culture includes both the artist and their audience

by  on 

  What does the word “culture” mean to you? When I think of culture I think of it as something that encompasses an entire society of people, not just a subset; so a security culture should consist of everyone within the scope of a security domain – whether that’s an organisation, group, location or other defined range. That said, your…

Read more →

How do you define your goals?

by  on 

Know your goal Your security culture program success is a direct result of your direction and your goals. How do you define your goals? With the SCF module Metrics, you set goals, define your baseline and decide how to measure security culture in your organization/program. Read more on the Metrics module: https://securitycultureframework.net/category/framework/metrics/

Read more →

What can you change today?

by  on 

Be holistic! Use Policies, Competence and Technology together to change security behaviors: What can you change today? The Topics module is used to determine which topics to train in order to reach your targets. There are a large numbers of different topics to train to succesfully create security culture, from technical areas, via passwords, policies and legalities, to how to discover…

Read more →

What are your goals?

by  on 

Measure your success: Define clear goals using the SMART makes it easy to know if you fail or succeed. What are your goals? With the SCF module Metrics, you set goals, define your baseline and decide how to measure security culture in your organization/program. Read more on the Metrics module: https://securitycultureframework.net/category/framework/metrics/

Read more →

How Culture Impacts Negotiations

by  on 

Security culture is not only about avoiding phishing, or setting strong passwords. Security culture also includes communication with others, and when communicating, we often find ourselves in a negotiation. Have you ever failed utterly at a negotiation, and later considered that perhaps differences in cultures was at play?

In this HBR video, you can learn how different cultures impacts how we negotiate, what is acceptable social behavior during negotiation, and how trust is built.

Should you prefer to, you may read the HBR article too, it is in-depth with nice examples.

How do you see culture creates barriers for security culture in your organisation? How can you use your new knowledge of culture and trust to break down those barriers?

Photo Credit.

Security Key on Keyboard for Security Culture Post

Why you should invest in security culture

by  on 

Security investments is often seen as buying either hardware or software to protect our assets, both physical and logical, often this is not enough to ensure that we achieve the security levels we seek. The missing part of the investments is often in building knowledge, culture and understanding. If we provide people with valuable assets, such as information, we must…

Read more →